You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
westermo
About this tag
Westermo is a vendor of industrial networking equipment, including managed switches and routers that run the WeOS 5 operating system. Recent discussions on WindowsForum highlight critical security vulnerabilities in WeOS 5, such as CVE-2025-46419, a remote denial-of-service flaw triggered by a crafted ESP packet when IPsec is enabled, and CVE-2025-46418, a high-severity OS command injection vulnerability exploitable via the administrative interface. These issues are documented by both Westermo and CISA, emphasizing the need for OT-IT convergence teams to prioritize patching to WeOS 5.24.0 and apply mitigations to protect critical infrastructure.
CISA’s September 18 bulletin published nine new Industrial Control Systems (ICS) advisories that affect a broad cross-section of OT vendors — from industrial networking stacks to remote terminal units, asset-management suites, machine-vision firmware, and industry-specific protocols —...
cisa
cognex in-sight
dover maglink lx4
end-of-train protocol
firmware
hitachi energy asset suite
hitachi energy service suite
ics
ics advisories
industrial control systems
mitsubishi electric melsoft
network segmentation
ot security
patch management
rail protocols
schneider electric saitel
security audits
westermo
windows ot
Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...
Westermo’s WeOS 5 series has a newly disclosed high‑severity vulnerability that deserves immediate attention from industrial network operators and Windows network teams responsible for OT‑IT convergence, because it can be used to inject operating‑system commands when an attacker can reach an...